CSIA 300 Final Prep UPDATED ACTUAL Questions and CORRECT Answers
0 view 0 purchase
Course
CSIA 300
Institution
CSIA 300
CSIA 300 Final Prep UPDATED ACTUAL
Questions and CORRECT Answers
Which of the following phases of a system development life-cycle is most concerned with
authenticating users and processes to ensure appropriate access control decisions? -
CORRECT ANSWER- Operation and maintenance
What is the ...
CSIA 300 Final Prep UPDATED ACTUAL
Questions and CORRECT Answers
Which of the following phases of a system development life-cycle is most concerned with
authenticating users and processes to ensure appropriate access control decisions? -
CORRECT ANSWER✔✔- Operation and maintenance
What is the effective key size of DES? - CORRECT ANSWER✔✔- 56 bit
What are two types of ciphers? - CORRECT ANSWER✔✔- Transposition and substitution
When block chaining cryptography is used, what type of code is calculated and appended to
the data to ensure authenticity? - CORRECT ANSWER✔✔- Message authentication code
Which of the following is the most secure form of triple-DES encryption? - CORRECT
ANSWER✔✔- DES-EDE3
Cryptography does not help in - CORRECT ANSWER✔✔- Detecting fraudulent disclosure
All of the following statements about a security incident plan are correct EXCEPT -
CORRECT ANSWER✔✔- The plan should be published annually
Two separate employees are required to open a safe containing sensitive information. One
employee has part of the safe combination, and a second employee has another part of the
safe combination. This arrangement follows the principle of - CORRECT ANSWER✔✔-
Split custody
Within the realm of IT security, which of the following combinations best defines
risk? - CORRECT ANSWER✔✔- Threat coupled with a vulnerability
The purpose of a security incident debrief is all of the following EXCEPT: - CORRECT
ANSWER✔✔- Review of log files
,The primary impact of a pandemic on an organization is: - CORRECT ANSWER✔✔- Long
periods of employee absenteeism that impact the organization's ability to provide services
In what phase of a business continuity plan does a company proceed when it is ready to move
back into its original site or a new site? - CORRECT ANSWER✔✔- Reconstitution phase
The process of erasing magnetic media through the use of a strong magnetic field is known
as: - CORRECT ANSWER✔✔- Degaussing
A security manager has instructed a system administrator to wipe files on a hard disk. This
means that the administrator needs to: - CORRECT ANSWER✔✔- Use a tool to overwrite
files multiple times
Which of the following processes is concerned with not only identifying the root cause but
also addressing the underlying issue? - CORRECT ANSWER✔✔- Problem Management
What is the minimum and customary practice of responsible protection of assets that affects a
community or societal norm? - CORRECT ANSWER✔✔- Due care
What is one disadvantage of content-dependent protection of information? - CORRECT
ANSWER✔✔- increases processing overhead
In the event of a security incident, one of the primary objectives of the operations staff is to
ensure that.. - CORRECT ANSWER✔✔- there is minimal disruption to the organization's
mission
Which of the following statements pertaining to block ciphers is incorrect? - CORRECT
ANSWER✔✔- Plain text is encrypted with a public key and decrypted with a private key.
Cryptography does not help in: - CORRECT ANSWER✔✔- Detecting fraudulent disclosure
Where is firmware primarily stored on a computer system? - CORRECT ANSWER✔✔-
Read-only memory
, What size is an MD5 message digest (hash)? - CORRECT ANSWER✔✔- 128 bits
Which of the following mail standards relies on a "Web of Trust" ? - CORRECT
ANSWER✔✔- Pretty Good Privacy (PGP
How many bits is the effective length of the key of the Data Encryption Standard Algorithm?
- CORRECT ANSWER✔✔- 56
A demilitarized zone on a computer network exists for all of the following reasons except: -
CORRECT ANSWER✔✔- Reduces the load on firewalls
The primary advantage of the use of a central management console for anti-virus is: -
CORRECT ANSWER✔✔- Consolidation of reporting and centralized signature file
distribution
Which attack is primarily based on the fragmentation implementation of IP and uses large
ICMP packets? - CORRECT ANSWER✔✔- Ping of Death
TCP and UDP use port numbers of what length? - CORRECT ANSWER✔✔- 16 bits
A screening router can perform packet filtering based on which type of data? - CORRECT
ANSWER✔✔- Source and destination addresses and port numbers.
In the OSI model, at what level are TCP and UDP provided? - CORRECT ANSWER✔✔-
Transport
A workstation that can remotely access the organization's network through a VPN and access
the local LAN where the workstation is connected, all through the same physical network
connection, is using: - CORRECT ANSWER✔✔- Split tunneling
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller MGRADES. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.99. You're not tied to anything after your purchase.
